What's new: 2023

The features added and updates made to improve IBM® API Connect Enterprise as a Service in 2023.

For a list of the known limitations for IBM API Connect Enterprise as a Service, see Known limitations.

December

What's new for Developers

New API discovery capability
Now you can quickly discover the APIs in your organization, and pull them automatically into API Manager, by using GitHub, DataPower® API Gateway proxy, and OpenTelemetry on Istio collectors. For more information, see API discovery.

New toolkit command to execute API tests stored in a YAML file
The API Connect developer toolkit includes a new command apic test that uses the automated API behavior testing application to execute API tests. You can include one or more YAML files in the command, and each file can contain one or more API tests to be executed. For more information, see Using the toolkit CLI to execute API tests.

Support for OIDC discovery
API Connect now provides native support for OIDC discovery, which allows a client to query attributes of the provider itself. You can supply the provider's URL manually while configuring the OIDC parameters for a native OAuth provider, or have the field populated automatically when you specify OAuth settings for an OpenAPI 3.0 definition.

LDAP updates
  • The UI for creating an LDAP registry now provides options for specifying the scope for "Search DN" (subtree, one level, and base) as you can in the CLI.
  • You can now specify whether your LDAP is Microsoft Active Directory in the UI and with the CLI, to ensure that the directory is handled correctly in API Connect.
For more information, see Creating an LDAP user registry andUsing the CLI to create an LDAP user registry.

Updates to the assembly authoring experience in the API editor
The API editor for viewing and editing the assembly section of APIs in the API Manager and API Designer is updated with a new user experience. The overall capability remains the same, but the visual components for working with the flow canvas, the policy palette, and the policy properties are updated. For more information, see Including elements in your API assembly.

New rate limit and GraphQL built-in policies
The following rate limit and GraphQL policies are added to the API assembly editor:
  • ratelimitinfo
  • graphql-execute

Improvements to the API testing experience in the API editor
The Test tab section of the API editor is updated to allow API testing independently of the auto-publish setting, and to make important selections more visible. For more information, see Using the Test tab to debug your API.

What's new for API product managers

New timeout setting available for the self service onboarding task
You can now configure the timeout period for the self service onboarding task of API consumers into a catalog, and the associated Developer Portal. Previously, the self service onboarding task timeout was set at 72 hours, and couldn't be changed. Now you can update this setting by using the Self service onboarding task timeout setting in the Onboarding section of the Catalog settings tab. Note that this timeout setting includes the activation link and, if Self service onboarding approval is selected, the approval process as well. For more information, see Creating and configuring catalogs.

governance service updates
The following updates to the governance service are now available:
  • Validating API documents is now available in API Designer when the UI is online, and is connected to a cloud instance that has the governance microservice enabled on it.
  • You can now use the toolkit CLI to configure governance in the API Manager. You can also use the commands to validate an API document. For a complete list of the commands, and information about how to run them, run the following commands in the toolkit CLI:
    • apic --mode governance rulesets --help - displays the commands that are available for creating and managing rulesets.
    • apic --mode governance rules --help - displays the commands that are available for creating and managing rules.
    • apic --mode governance compliance --help - displays the commands that are available for running validation on API documents.
For more information about the API governance service, see Configuring governance in the API Manager and Validating an API document by using governance.

Analytics Monitoring Data Dashboard
The API Manager analytics view have a new dashboard called Monitoring Data Dashboard. The new dashboard provides information on which applications, plans, consumer organizations, and APIs are sending and receiving the most data.

New analytics API event fields
When using API Gateway v10.5.3 or higher, two new fields are included in API event records:
  • api_resource_id: String containing the resource ID for the API used by the gateway. Format is api_name:api_version:method:path.
  • gateway_service_name: The name of the gateway service, as configured in the Cloud Manager UI.

Analytics event query_string fields are now stored as text
API event query_string fields are now stored in analytics as text for improved indexing.

Top 20 analytics charts
New analytics charts that show the top 20 APIs, applications, and consumer organizations.

Analytics scroll API responses sorted by datetime
Calls to the analytics REST API events/scroll operation return results sorted by datetime.

Analytics inactive product report
New report in the API Manager UI that highlights products that have no subscriptions, no recent traffic, or no traffic at all.
Analytics inactive consumer report
New report in the API Manager UI that highlights consumers that have no applications, no subscriptions, no recent traffic, or no traffic at all.
Various analytics UI enhancements
  • UI Dashboards and Discover view has auto-refresh option to refresh the UI every 30 seconds automatically.
  • The columns displayed in the Analytics UI Discover view are now configurable and can be saved as part of a saved/shared query.
  • Calendar widget for easier date selection.
  • Display total option on specific charts. For example, when the option is enabled, the Top APIs chart shows the total API calls, so the comparison of calls to a single API against the total API calls is clear.
  • Shared and saved query table includes column showing filters used, for easier identification of the desired query.
  • New time range options for viewing API event data in the UI:
    • Last minute of API event data.
    • Last 5 minutes of API event data.
  • The time axis on analytics charts is sized appropriate to the available data points and selected time period.
Analytics API call volume leaderboards
The reports tab in the analytics view includes a leaderboard of the top APIs, products, plans, applications, and consumer organizations.
Analytics consumer trend report
The reports tab in the analytics view includes a new consumer trend report that shows changes to the number of applications and subscriptions in consumer organizations over time.
Detailed API, Product, Plan, Application, and consumer organization analytics reports
Detailed analytics information about specific APIs, products, plans, applications, and consumer organizations. For example, for an API, details of all the consumer organizations that use it. The detailed reports are accessible from the leaderboards in the reports view.

What's new for API consumers

Download your APIs in JSON format
You can now download your OpenAPI documents from the Developer Portal UI in JSON format, as well as YAML format. You can select your required download option from the Overview section of the API.

What's new for Developer Portal site administrators

New Developer Portal content commands

The new content commands allow you to list, export and import your Developer Portal site content. The following content commands are now available:

  • content:create-export

    Creates a task to export a .tgz file of your site content.

  • content:create-import

    Creates a task to import an archive of your site content.

  • content:delete-export

    Cancels any currently running content:create-export tasks, and deletes any related artifacts.

  • content:delete-import

    Cancels any currently running content:create-import tasks, and deletes any related artifacts.

  • content:get-export

    Streams the content of a specific completed export task to a .tgz file.

  • content:get-export-status

    Returns the status of a specific export task.

  • content:get-import-status

    Returns the status of a specific import task.

  • content:list-types

    Lists the exportable content types on your site.

  • content:list

    Lists all of the entities on your Developer Portal site for the given content type and bundle.

For more information about the content commands and how to use them, see Using the content commands.

New Developer Portal export-entity commands
The following export-entity commands are added, which enable you to export assorted entity content from your Developer Portal site.
  • export-entity:create

    Creates a new export entity, which is the container for the entity content that you want to export.

  • export-entity:add-content

    Adds content to an existing export entity.

  • export-entity:get

    Returns a list of the content of a specific export entity.

  • export-entity:remove-content

    Removes certain content from a specific export entity.

  • export-entity:delete

    Deletes a specific export entity.

  • export-entity:launch

    Launches an export entity polling task that creates a .tgz file of all of the entities that are contained in a specific export entity. Can be run with a --no-poll option, in which case the task doesn't return a .tgz file, but just returns the task ID.

  • export-entity:get-launch-export

    Streams the content of a specific completed export-entity:launch task to a .tgz file.

  • export-entity:delete-launch-export

    Cancels a currently running export-entity:launch task, and deletes any related artifacts.

  • export-entity:get-launch-export-status

    Returns the status of a specific export-entity:launch task.

  • export-entity:list

    Returns a list of all of the export entities within a specific Developer Portal. Each export entity contains a defined list of all of the entity content that will be exported if export-entity:launch is run.

For more information about the export-entity commands and how to use them, see Using the export-entity commands.

Note that you can now also export and import entities from the Developer Portal UI. When you're editing a content entity type in the UI, you can click Export in the side navigation bar. To create an export entity container and export that entity, including any required embedded entities, click Export entity. Or, if you have an existing export entity container, you can select the required container, and click Add to the export. You can also view and manage all of your export entities by clicking Content > Content synchronizer > Exports, and all of your import entities by clicking Content > Content synchronizer > Imports.

Updates to the Developer Portal site commands

The site command now enables you to export and import the entire configuration for a Developer Portal site, including custom modules, custom themes, site configuration, and site content. The added commands mean that you can easily replicate a Developer Portal site, for example replicating a test site into a production site. The following site commands are added:

  • site:create-export

    Creates a task to export a .tgz archive file of your entire site configuration. You can then use this archive to create an identical Developer Portal site.

  • site:create-import

    Creates a task to import an archive of your entire site configuration, completely overriding the original site configuration, including content, custom modules, and custom themes.

  • site:delete-export

    Cancels any currently running site:create-export tasks, and deletes any related artifacts.

  • site:delete-import

    Cancels any currently running site:create-import tasks, and deletes any related artifacts.

  • site:get-export-status

    Returns the status of a specific export task.

  • site:get-export

    Streams the content of a specific completed export task to a .tgz file.

  • site:get-import-status

    Returns the status of a specific import task.

Important: If you want to import a site export configuration file, the export file must have been created on the same version of API Connect as the version that you want to import to.

For more information about the site commands and how to use them, see Using the site commands.

Updates to the list of blocked Drupal modules
The following Drupal modules are now unsupported and their installation is blocked in the Developer Portal:
  • All of the advanced aggregation modules; advagg, advagg_mod, advagg_js_minify, advagg_css_minify, advagg_ext_minify, advagg_validator, and advagg_bundler. These modules are blocked due to incompatibility with the current Drupal version.
  • statistics module. This module is being deprecated by Drupal.
  • tfa module. Two-factor authentication isn't available within the Developer Portal. If multi-factor authentication is required, it can be configured within an OpenID Connect (OIDC) user registry; see Creating an OIDC user registry.
For more information about custom modules, see Installing custom modules.

Ability to identify the realm parameter when logging in as a consumer to the toolkit CLI
You can now find out which realm parameter you need to use when logging in to the Developer Portal with the toolkit CLI, by running the following command:
apic identity-providers:list --server consumer_endpoint_api --mode consumer --catalog catalog_name_or_id --org <provider_org_name_or_id> --fields registry_type,realm
For more information, see Logging in as a consumer to the Developer Portal by using the CLI.

Ability to configure the analytics chart views in the Developer Portal
You can now configure which analytics charts of API data are displayed to API consumers in the Developer Portal. Previously, if access to analytics data is granted, API consumers see all of the default charts of application and organization analytics data, including API statistics, response times, and error information. Now, you can configure which charts are displayed to your API consumers, by using the Configuration > System > IBM API Developer Portal Consumer Analytics menu in the Developer Portal UI.

October, November

No updates made.

September

API governance service updates
The following updates to the API governance service are now available:
  • When creating and editing rulesets, you can now add your own version number information, and can have rulesets with the same name but with different version numbers. Note that version numbers must be of the format major.minor.patch, for example 1.0.0.
  • The ruleset Name field is now auto-generated based on the Title field.
  • The version of the Spectral rulesets now matches the version of that ruleset that's available in Spectral. Spectral ruleset names are prefixed by spectral-.
For more information about the API governance service, see Configuring governance in the API Manager and Validating an API document by using governance.

Analytics data offload to Noname Security
You can now offload your analytics data to Noname Security. For more information, see Offloading analytics data to Noname Security.

New home page for the API Manager UI
The API Manager home page has been redesigned to help you navigate around the UI more easily, and provide quick access to key information.

June

What's new for Developers (June)

Vanity API endpoints are now supported in API Connect Enterprise as a Service
When you create a Catalog in API Connect Enterprise as a Service, you can configure custom API endpoints for it. For more information, see Creating and configuring Catalogs.

New API governance add-on service
governance is an add-on to IBM API Connect that can be used to validate and enforce organizational governance policies and best practices to your API development process. For more information, see Validating an API document by using governance.

Updated schema editor design for API definitions
The Definitions section of the API editor in the API Manager and API Designer UIs is updated to improve the user experience when creating and editing schema definitions. For more information, see Defining schemas for an API.

What's new for API product managers (June)

New API governance add-on service
governance is an add-on to IBM API Connect that can be used to validate and enforce organizational governance policies and best practices to your API development process. For more information, see Configuring governance in the API Manager.

Analytics long-term data
By default analytics event data is retained for up to 30 or 90 days, dependent on the deployment profile. With the new long-term data feature, event data is summarized and added to a new summary data index that has a 1 year default retention period. The summary data allows the product manager to view long-term trends. To view the summary data, the UIs have a new Reports tab, see Analytics dashboards. New REST API and toolkit CLI operations are also provided to access the summary data shown in the UI Reports tab.

Gateway policy titles, names, and types included in assembly latency visualization
To help identify where delays in API processing occur, when you click an API event in the analytics UI Discover view, the title, name, and type of gateway policies are included.

What's new for Developer Portal site administrators (June)

New Developer Portal CLI product commands

The new product commands allow you to update the images, attachments, tags and categories for products on your Developer Portal. In IBM API Connect 10.0.6.0 the newly added product commands are:

  • product:add-attachment
  • product:set-icon
  • product:add-tag
For more information about the product commands and how to use them, see Using the product commands.

New Developer Portal CLI api commands

The new api commands allow you to update the images, attachments, tags, and categories for products on your Developer Portal. In IBM API Connect 10.0.6.0 the newly added api commands are:

  • api:add-attachment
  • api:set-icon
  • api:add-tag
For more information about the api commands and how to use them, see Using the api commands.

New Developer Portal CLI site command
The new site:login-link command is now available for use through the IBM API Connect toolkit CLI. By running this command, you receive a one-time login link for the Developer Portal site admin account.

For more information about the site commands and how to use them, see Using the site commands.

New flag for the modules and themes commands in Developer Portal CLI
The new --custom flag added to your modules:list and themes:list commands helps you find what modules and themes have been installed on your Developer Portal site after an install.

For more information about the --custom flag, see Using the themes commands and Using the modules commands.

May

What's new for Developers (May)

Added APIs to manipulate attachments in a message object
The message object provides APIs and properties to manipulate message attachments. For more information, see Manipulating attachments in a message object.

Added the JSON custom scalar type for GraphQL APIs
You can use the JSON custom scalar type in GraphQL APIs to specify JSON payloads. For more information, see GraphQL custom schema directives and scalar types.

Added the ability to specify strict UTF-8 encoding for JSON documents
When you configure a Parse policy, you can specify whether to enforce strict UTF-8 encoding throughout the entire JSON document. For more information, see Parse.

Client credentials are shown in response to the apps:create command
If you're using the toolkit CLI to create consumer applications, the apic apps:create command now returns the client credentials for the application. For example, running the following command:
apic apps:create -s my_mgt_endpoint -o my_org -c my_catalog --consumer-org my_consumer-org tests/fixtures/refs/testapp.json
with the following payload:
{"title":"Jessica's Store","name":"store","redirect_endpoints":[]}
returns the following response:
store    [state: enabled]   https://example.com/api/apps/e6a4d5f1-bec0-416b-b1b7-738cc854c5b5/463d84ea-e70a-4338-beed-f3c2fe2547c0/423e0d4d-ea7c-4512-a5f6-afbd60bc3920/dab4a161-fdcd-455a-b5e7-c8447cc52105   
client_id:'12340747f8bed76c4807988603bffa1f'    client_secret: 'f123d1098ace3aa02d35d3f0da65a9f3'
For more information about how to run toolkit CLI commands, see API development and management commands.

Updates to Automated API behavior testing OpenAPI 3.0 support
You can use OpenAPI 3.0 APIs in Automated API behavior testing. For more information, see Testing an API with Automated API behavior testing.

What's new for API product managers (May)

Sender details for email notifications for consumer:app-suspended and consumer:app-reinstated are updated to be consistent with the notifications in the consumer space
The sender address details for the following two email templates are now consistent with the other email notifications:
  • consumer:app-suspended
  • consumer:app-reinstated
Previously, app-suspended and app-reinstated notifications were always sent from the Cloud level sender name and address that's configured in the Cloud Manager. However, this configuration does not follow the established pattern for notifications, as documented in Configuring sender details for email notifications.

These two templates are now sent from the sender address that's configured at the Catalog level, if provided, or the Provider Organization level, or, if neither of those sender details are provided, the Cloud Manager level, consistent with existing behavior for other templates.

Specify the fields that are returned from analytics REST API and toolkit CLI event queries.
You can specify the API event record fields that you want returned from REST API and toolkit CLI event queries. Use the --fields argument with the toolkit CLI, and the fields query parameter with the REST API, for example:
/events?fields=bytes_received,bytes_sent

Analytics discover view in context filtering
While you're viewing the analytics API event data in the discover view, you can now quickly add and remove filters to update the event data displayed. For more information about filtering analytics UI data, see Filtering displayed data.

Analytics dashboards enhanced with new charts
Three new charts are added to the analytics dashboards.
  • Usage Dashboard: Top APIs by request size.
  • Usage Dashboard: Top APIs by response size.
  • Monitoring Latency Dashboard: Top APIs by response time.

New analytics dashboard: Gateway Operations
A new analytics dashboard is provided, which shows the API usage and latency per gateway. For more information about the analytics dashboards, see Analytics dashboards.

Ability to save and share analytics queries
You can now save and share analytics queries created in the Cloud Manager and API Manager UIs. For more information about saving and sharing queries, see API Manager UI analytics view.

What's new for Developer Portal site administrators (May)

Change to the behavior of the approval process for onboarding to the Developer Portal
The way that the approval process works for onboarding to the Developer Portal has changed. In earlier releases, if Self service onboarding approval is enabled, and a user was approved to access a Developer Portal with a specific consumer organization, that user would not need to go through the approval process again if they created more consumer organizations for the same Developer Portal.

Now, Self service onboarding approval is honored whenever a consumer organization is created. So, even if a user is approved to access a Developer Portal with one consumer organization, if they then try to create another consumer organization in the same Developer Portal, their request will still go through the approval process.

For more information, see Creating and configuring Catalogs.

Developer Portal upgrade to Drupal 10

From API Connect 10.0.5.3, the Developer Portal, which is built on the open source Drupal content management system, will be upgraded from Drupal 9 to Drupal 10. This upgrade also requires PHP 8.1. As a result, all existing Developer Portal sites will be upgraded to Drupal 10, and all new sites will be based on Drupal 10 as well. Ensure that all modules and themes used on your Developer Portal site are compatible with Drupal 10 and PHP 8.1. While core modules and themes will be automatically made compatible as part of the upgrade, any custom modules or themes, whether created in-house or contributed by the Drupal community, need to be verified for compatibility before the upgrade.

For more information about the Drupal 10 upgrade, and how to ensure compatibility, see Guidelines on upgrading your Developer Portal from Drupal 9 to Drupal 10.

Dynamic translations for API Connect entities
The latest Developer Portal upgrade contains a dynamic translations feature for the API Connect entities, including Blocks, Nodes, and Menu Links. Now, when you update the existing translations for your API Connect entities, the changes are automatically reflected across your sites without the need of re-translation. The dynamic translations feature also includes adding new language codes and their accompanying translations.

Note that the translation changes may take 5-10 minutes to appear on the site as the cache recycles.

What's new for security practitioners (May)

The MD5 certificate fingerprint format is no longer displayed
API Connect no longer calculates and displays the certificate fingerprint format of MD5. However, the SHA1 and SHA256 certificate fingerprint formats are displayed.

Two additional claims added to the JWKS URL endpoint on the management platform REST API
The following two claims are added to the JSON Web Key Set (JWKS) URL (/api/cloud/oauth2/certs) endpoint that is hosted on the REST API of the management platform.
  • iss: describes the issuer of the token, which is IBM API Connect.
  • purpose: describes what kind of API Connect token the key can be used to verify.

What's new for V10 Enterprise as a Service administrators (May)

New subscription plan for API Connect Enterprise as a Service
API Connect Enterprise as a Service now offers the Advanced subscription, which extends the API Connect as-a-service architecture to deliver a highly available single-tenant API gateway that is managed by IBM and provides more data transformation features. For more information, see Purchase, subscription, and upgrade information.
New regions available
API Connect Enterprise as a Service is now available in the following additional regions: Sydney (ap-southeast), Mumbai (ap-south), and Jakarta (ap-southeast). For the complete list of supported regions and the outbound IP addresses used with each, see API Connect outbound IP addresses.

February

What's new for Developers (February)

Added the Date custom scalar type for GraphQL APIs
You can use the Date custom scalar type in GraphQL APIs to define custom scalars that specify dates. For more information, see Extensions to GraphQL.

Ability to set the API Designer locale
You can set a different locale than your current operating system for the API Designer application, by using the --lang argument when you start the application. For example, by using the --lang=es argument when you start API Designer, the language is set to Spanish. For more information, see Setting the locale for API Designer.

Ability to switch directories in API Designer
You can switch to a different directory after logging in to the API Designer application UI, by clicking Switch directory on the menu bar in the header. For more information, see Logging in from API Designer.

OpenAPI validation
You can now click Validate in the API Manager and API Designer API editors to validate your OpenAPI YAML source. If validation errors are found, you can click each error to navigate directly to the section of the API form that contains the invalid YAML. For more information, see Validating the OpenAPI YAML source.

Mock API message template
You can now create mock API responses by configuring a Message template policy. Usually, an API response is obtained by creating an Invoke policy in your API that interacts with a backend service. However, with the Message template policy you can produce a mock response internally by using the assembly logic, without needing to interact with a separate backend service. This mock response can return a simple literal response, such as a JSON document, or it can include dynamic content such as values that are derived from the request, or from other parts of the assembly context. For more information, see the following topics:

Support for multiple OAuth2 flows in OpenAPI 3.0 APIs
If you're creating or editing OpenAPI 3.0 APIs, you can now select multiple flows (grant types) for your OAuth2 security schemes. For more information about how to create OAuth2 security schemes, see Defining OAuth2 security scheme components.

Create and manage API keys for platform APIs
Create API keys associated with your user account, and then use them to authenticate when you call the APIs provided by API Connect. For more information, see Managing API keys.

What's new for API product managers (February)

Analytics UI enhancements
The analytics UI now includes the following enhancements:
  • All analytics views can be switched between local time and Coordinated Universal Time.
  • Analytics charts can be switched between linear and logarithmic axes, selectable from the chart options menu.
  • Analytics data can be shown going back to the start of your data retention period, not just the last 30 days.
  • When you create and edit queries, the custom time range option now provides precision to the second, rather than the minute.
  • Up to 200 events per page now viewable in the discover view tables.
  • Updated columns in the discover view, providing clearer and more useful information.
  • New query fields for gateway_ip, client_ip, immediate_client_ip. Queries can use CIDR notation to search by subnet.
  • New refresh button on dashboards to update the data that is displayed, without the need to reload the browser.
  • Ability to save and load analytics queries. Saved queries are stored in the analytics backup.

Analytics CLI and REST API enhancements
New filter operators for use with the CLI and REST API: startswith, endswith, regex, notoneof. For more information, see Example toolkit CLI operations.

Additional variables for customizing the email notification templates
More variables are available to add to the email notification templates, so that you can define custom templates with more flexibility when addressing the user that's receiving the email. The following user variables are now available:
  • originator
  • originatorFirstName
  • originatorLastName
  • originatorEmail
  • username
  • email
  • firstName
  • lastName
For more information, see Configuring notifications in the API Manager.

What's new for API consumers (February)

Consumer analytics redesign
The analytics dashboards in the Developer Portal are redesigned and enhanced. As well as viewing the standard analytics metrics for APIs at the application and organization level, API consumers can now view additional information, including response time, status codes, number of errors, and API call history.

What's new for Developer Portal administrators (February)

Use the toolkit CLI to enable and disable maintenance mode on your Developer Portal site
You can now enable and disable maintenance mode on your Developer Portal site, by using the Portal commands in the toolkit CLI. For more information, see How to enable and disable maintenance mode on your Developer Portal.

New drupal-state commands available in the Developer Portal command-line tool
The drupal-state commands enable you to store and retrieve information about the state of your Developer Portal system. For more information, see Using the drupal-state commands.

What's new for V10 Enterprise as a Service administrators (February)